Export limit exceeded: 74699 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (74699 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-20471 | 1 White Shark Systems Project | 1 White Shark Systems | 2024-11-21 | 8.8 High |
| White Shark System (WSS) 1.3.2 has an unauthorized access vulnerability in default_user_edit.php, remote attackers can exploit this vulnerability to escalate to admin privileges. | ||||
| CVE-2020-20469 | 1 White Shark Systems Project | 1 White Shark Systems | 2024-11-21 | 7.5 High |
| White Shark System (WSS) 1.3.2 has a SQL injection vulnerability. The vulnerability stems from the log_edit.php files failing to filter the csa_to_user parameter, remote attackers can exploit the vulnerability to obtain database sensitive information. | ||||
| CVE-2020-20451 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2024-11-21 | 7.5 High |
| Denial of Service issue in FFmpeg 4.2 due to resource management errors via fftools/cmdutils.c. | ||||
| CVE-2020-20450 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2024-11-21 | 7.5 High |
| FFmpeg 4.2 is affected by null pointer dereference passed as argument to libavformat/aviobuf.c, which could cause a Denial of Service. | ||||
| CVE-2020-20444 | 1 Openclinic Project | 1 Openclinic | 2024-11-21 | 7.2 High |
| Jact OpenClinic 0.8.20160412 allows the attacker to read server files after login to the the admin account by an infected 'file' GET parameter in '/shared/view_source.php' which "could" lead to RCE vulnerability . | ||||
| CVE-2020-20341 | 1 Yzmcms | 1 Yzmcms | 2024-11-21 | 7.5 High |
| YzmCMS v5.5 contains a server-side request forgery (SSRF) in the grab_image() function. | ||||
| CVE-2020-20340 | 1 S-cms | 1 S-cms | 2024-11-21 | 7.5 High |
| A SQL injection vulnerability in the 4.edu.php\conn\function.php component of S-CMS v1.0 allows attackers to access sensitive database information. | ||||
| CVE-2020-20299 | 1 Weiphp | 1 Weiphp | 2024-11-21 | 7.5 High |
| WeiPHP 5.0 does not properly restrict access to pages, related to using POST. | ||||
| CVE-2020-20290 | 1 Yccms | 1 Yccms | 2024-11-21 | 7.5 High |
| Directory traversal vulnerability in the yccms 3.3 project. The delete, deletesite, and deleteAll functions' improper judgment of the request parameters, triggers a directory traversal vulnerability. | ||||
| CVE-2020-20183 | 1 Zyxel | 2 P1302-t10 V3, P1302-t10 V3 Firmware | 2024-11-21 | 7.5 High |
| Insecure direct object reference vulnerability in Zyxel’s P1302-T10 v3 with firmware version 2.00(ABBX.3) and earlier allows attackers to gain privileges and access certain admin pages. | ||||
| CVE-2020-20178 | 1 Whohas Project | 1 Whohas | 2024-11-21 | 7.5 High |
| Ethereum 0xe933c0cd9784414d5f278c114904f5a84b396919#code.sol latest version is affected by a denial of service vulnerability in the affected payout function. Once the length of this array is too long, it will result in an exception. Attackers can make attacks by creating a series of account addresses. | ||||
| CVE-2020-20128 | 1 Laracms Project | 1 Laracms | 2024-11-21 | 7.5 High |
| LaraCMS v1.0.1 transmits sensitive information in cleartext which can be intercepted by attackers. | ||||
| CVE-2020-20021 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 7.5 High |
| An issue discovered in MikroTik Router v6.46.3 and earlier allows attacker to cause denial of service via misconfiguration in the SSH daemon. | ||||
| CVE-2020-1992 | 1 Paloaltonetworks | 3 Pa-7050, Pa-7080, Pan-os | 2024-11-21 | 8.1 High |
| A format string vulnerability in the Varrcvr daemon of PAN-OS on PA-7000 Series devices with a Log Forwarding Card (LFC) allows remote attackers to crash the daemon creating a denial of service condition or potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS 9.0 versions before 9.0.7; PAN-OS 9.1 versions before 9.1.2 on PA-7000 Series devices with an LFC installed and configured. This issue requires WildFire services to be configured and enabled. This issue does not affect PAN-OS 8.1 and earlier releases. This issue does not affect any other PA Series firewalls. | ||||
| CVE-2020-1991 | 2 Microsoft, Paloaltonetworks | 2 Windows, Traps | 2024-11-21 | 7.8 High |
| An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect Cortex XDR 7.0. This issue does not affect Traps for Linux or MacOS. | ||||
| CVE-2020-1990 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 7.2 High |
| A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS 8.1 versions before 8.1.13; 9.0 versions before 9.0.7. This issue does not affect PAN-OS 7.1. | ||||
| CVE-2020-1989 | 1 Paloaltonetworks | 1 Globalprotect | 2024-11-21 | 7 High |
| An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect Agent for Linux on ARM platform allows a local authenticated user to gain root privileges on the system. This issue affects Palo Alto Networks Global Protect Agent for Linux 5.0 versions before 5.0.8; 5.1 versions before 5.1.1. | ||||
| CVE-2020-1985 | 2 Microsoft, Paloaltonetworks | 2 Windows, Secdo | 2024-11-21 | 7.8 High |
| Incorrect Default Permissions on C:\Programdata\Secdo\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows. | ||||
| CVE-2020-1984 | 2 Microsoft, Paloaltonetworks | 2 Windows, Secdo | 2024-11-21 | 7.8 High |
| Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with 'create folders or append data' access to the root of the OS disk (C:\) to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo for Windows. | ||||
| CVE-2020-1983 | 6 Canonical, Debian, Fedoraproject and 3 more | 9 Ubuntu Linux, Debian Linux, Fedora and 6 more | 2024-11-21 | 7.5 High |
| A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service. | ||||